The Java-based exploit uses the same vulnerability as "Flashback", CVE-2012-0507. Current versions of Mac OS X and those with their browser's Java plugin disabled should be safe from the exploit. The malware dropped, Backdoor:OSX/Dockster.A, is a basic backdoor with file download and keylogger capabilities.

This is not the first time gyalwarinpoche.com has been compromised and it certainly isn't the first time Tibetan related NGOs have been targeted. Read more here and here.

There is also an exploit, CVE-2012-4681, with a Windows-based payload: Trojan.Agent.AXMO.